Uncertain Future – Part VII – State Sponsored Cracking

Now that we have thoroughly made it clear that there is no place left safe on the internet for the common individual, or even major corporations and government organizations, what about the governments themselves? What role do they play in this story.

To begin with, let’s talk about Hacking Team. Hacking Team is a company out of Milan that deals in “offensive intrusion and surveillance” capabilities. This includes the ability to monitor communications of internet users, decipher encrypted files and emails, record Skype and VoIP phone calls, as well as remotely activate microphones and cameras on the devices they target. Their primary clients include governments and major corporations, including a few governments with shady human rights records. Basically, they are the most terrifying conspiracy theories on the internet come to life.

Hacking Team are leaders in the growing industry to help governments hack in ways that make the rest of this article look like child’s play. The Hacking Team gives its clients, through use of their Da Vinci and Galileo platforms the ability to do everything from keystroke logging, GPS tracking on cell phones, and extracting wifi passwords, among many other capabilities. [31] Perhaps most interesting is their ability to steal data on local accounts, contacts and transaction histories by decrypting Bitcoin and other cryptocurrency wallet files. [32]The tools they use, or rather sell, have been used by governments to… well… you’ve seen the movies. Before you start getting up in arms, you might want to check their previous clients, regimes such as Sudan, Bahrain, and Saudi Arabia, and have been accused of being used against activists and protesters in Morocco, Syria, the United Arab Emirates. [33]They even basically serve as the intelligence agency of the Uganda. Some of those relationships landed them in hot water with the UN. To make matters even more frightening, the Italian company maintains two satellite offices within the United States, one in Annapolis and another in Washington DC. That shouldn’t lead people think this relationship buys the US anything though, since Hacking Team is suspected of selling tools to clients in Turkey who used it on a woman in the US [34]and is now suspected of selling their technology to Syria, as well.

What’s put Hacking Team in the news now? Perhaps unsurprisingly at this point, they too were also hacked in 2015. At some point their network was breached and published online – over 400 gigabytes of data. Like I said before, no one is safe.

Hacking Team’s fate, while ironic, only served to open the eyes of millions to existence of real companies whose only profession is equipping governments with the tools to break down any wall, crack any password, end any online uprising, and own our digital lives. For an example, let’s start with something small, like a foreign government hacking into a major American company to determine what media Americans and the rest of the world were allowed to see.

You know, I’ve always wondered if any of the “A movie they don’t want you to see,” advertisements were ever real. Turns out, there was one that absolutely was. In late 2014, Sony pictures planned to release a movie about a talk show host invited to North Korea. Oh, and he tries to assassinate the dictator. It was an okay movie, but honestly, not something you would watch twice on purpose. Where things went terribly, horribly wrong was when Sony pictures suddenly pulled the movie. In the weeks leading up to the release, the North Korean government expressed their “disapproval” of the film. With its ending scene depicting the violent death of their glorious leader, the North Koreans demanded the movie never show… or else. Whatever, we’re Americans, or sort of. Sony Pictures was in America at least. What are they really going to do, bomb us?

No, they didn’t bomb anyone. Instead, what they did was hack Sony Pictures. In that breach, they stole data that included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company, copies of then-unreleased Sony films, and other information. They threatened to release the information, which any of it could have been deadly to the company, from its employee’s information to scripts of movies that haven’t been made. What happened next?

Sony pulled the film.

Not long after, popular demand, and there was a lot of us who now demanded to see this movie, made it available for streaming. Eventually, we were all able to get our fill of the death of the most infamous man alive, but it cost us. The Guardian called the event a massive defeat on American soil and the message was received, international government sponsored hackers can scare Americans into doing whatever they want.

It pissed us off as it introduced a new word into our collective lexicon: Cyberwarfare.